Submitted URL: https://p3m99f48be.top/
Effective URL: https://www.cs2e6d0a26.top/
Submission: On January 09 via api from US — Scanned from NL

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 49 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is www.cs2e6d0a26.top.
TLS certificate: Issued by WE1 on January 2nd 2025. Valid for: 3 months.
This is the only time www.cs2e6d0a26.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS     Autonomous System
18        188.114.97.9       13335  (CLOUDFLAR...)
4         2a00:1450:400...   15169  (GOOGLE)
2         188.114.96.3       13335  (CLOUDFLAR...)
18        2600:9000:275...   16509  (AMAZON-02)
4         2001:4860:480...   15169  (GOOGLE)
2         142.250.185.200    15169  (GOOGLE)
1         18.244.18.75       16509  (AMAZON-02)
Total: 49 requests, 7 IPs

Requests  Apex Domain           Subdomains                                                Transfer
19        claa39.top            cidxig.claa39.top                                         1 MB
18        p3m99f48be.top        p3m99f48be.top                                            1 MB
6         googletagmanager.com  www.googletagmanager.com (Cisco Umbrella Rank: 39)        651 KB
4         google-analytics.com  region1.google-analytics.com (Cisco Umbrella Rank: 3353)
2         cs2e6d0a26.top        www.cs2e6d0a26.top                                        8 KB
Total: 49 requests, 5 domains

Requests  Domain                        Requested by
19        cidxig.claa39.top             p3m99f48be.top, cidxig.claa39.top
18        p3m99f48be.top                p3m99f48be.top
6         www.googletagmanager.com      p3m99f48be.top, www.cs2e6d0a26.top, www.googletagmanager.com
4         region1.google-analytics.com  www.googletagmanager.com
2         www.cs2e6d0a26.top            p3m99f48be.top, cidxig.claa39.top
Total: 49 requests, 5 domains

This site contains links to these domains.

Domain
cs2f983d30.top
caoliu1024.com
1024.fm
caoliu.sex

Subject                 Issuer               Validity                 Valid
p3m99f48be.top          WE1                  2025-01-02 - 2025-04-02  3 months
*.google-analytics.com  WR2                  2024-12-09 - 2025-03-03  3 months
cs2e6d0a26.top          WE1                  2025-01-02 - 2025-04-02  3 months
cig.claa39.top          Amazon RSA 2048 M03  2024-09-23 - 2025-10-22  a year

This page contains 1 frames:

Primary Page: https://www.cs2e6d0a26.top/
Frame ID: EC80966B3C740C578606252BE62F48B9
Requests: 49 HTTP requests in this frame

Page Title

欢迎您

Page URL History

  1. https://p3m99f48be.top/ Page URL
  2. http://www.cs2e6d0a26.top/ HTTP 307
    https://www.cs2e6d0a26.top/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 49
HTTPS: 100 %
IPv6: 43 %
Domains: 5
Subdomains: 5
IPs: 7
Countries: 3
Transfer: 3601 kB
Size: 5145 kB
Cookies: 8

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions

Resource                Size    x-fer   Type        MIME-Type                              Protocol  Server IP                 Full URL
/                       53 KB   13 KB   Document    text/html                              H3        188.114.97.9              https://p3m99f48be.top/
addtohomescreen.css     10 KB   6 KB    Stylesheet  text/css                               H3        188.114.97.9              https://p3m99f48be.top/js/add-to-homescreen-master/style/addtohomescreen.css
addtohomescreen.js      32 KB   11 KB   Script      application/javascript                 H3        188.114.97.9              https://p3m99f48be.top/js/add-to-homescreen-master/src/addtohomescreen.js?v=1
domainjs.php            791 B   1 KB    Script      text/html; charset=utf-8               H3        188.114.97.9              https://p3m99f48be.top/domainjs.php?type=2&t=094
close_icon.png          454 B   1 KB    Image       image/png                              H3        188.114.97.9              https://p3m99f48be.top/images/index/close_icon.png
logo-icon.png           7 KB    8 KB    Image       image/png                              H3        188.114.97.9              https://p3m99f48be.top/images/index/logo-icon.png
phone@2x.png            383 B   1 KB    Image       image/png                              H3        188.114.97.9              https://p3m99f48be.top/images/phone@2x.png
phone-bg.png            272 KB  272 KB  Image       image/png                              H3        188.114.97.9              https://p3m99f48be.top/images/phone-bg.png
jiuban.png              18 KB   19 KB   Image       image/png                              H3        188.114.97.9              https://p3m99f48be.top/images/jiuban.png
xinban.png              18 KB   18 KB   Image       image/png                              H3        188.114.97.9              https://p3m99f48be.top/images/xinban.png
tanhao.png              1 KB    2 KB    Image       image/png                              H3        188.114.97.9              https://p3m99f48be.top/images/index/tanhao.png
url-icon.png            1 KB    2 KB    Image       image/png                              H3        188.114.97.9              https://p3m99f48be.top/images/index/url-icon.png
haiwai.png              2 KB    2 KB    Image       image/png                              H3        188.114.97.9              https://p3m99f48be.top/images/index/haiwai.png
bg3.png                 1 MB    1 MB    Image       image/png                              H3        188.114.97.9              https://p3m99f48be.top/images/bg3.png
email-pc.png            18 KB   19 KB   Image       image/png                              H3        188.114.97.9              https://p3m99f48be.top/images/index/email-pc.png
clipboard-2.0.4.min.js  11 KB   4 KB    Script      application/javascript                 H3        188.114.97.9              https://p3m99f48be.top/js/clipboard/clipboard-2.0.4.min.js?t=1
jquery.3.4.1.min.js     86 KB   31 KB   Script      application/javascript                 H3        188.114.97.9              https://p3m99f48be.top/js/jquery.3.4.1.min.js
domainjs.php            147 B   1 KB    Script      text/html; charset=utf-8               H3        188.114.97.9              https://p3m99f48be.top/domainjs.php?type=1&t=094
js                      328 KB  110 KB  Script      application/javascript; charset=UTF-8  H2        2a00:1450:4001:812::2008  https://www.googletagmanager.com/gtag/js?id=G-3ZHR4YBDVK
Primary Request /       44 KB   7 KB    Document    text/html                              H3        188.114.96.3              https://www.cs2e6d0a26.top/
js                      333 KB  111 KB  Script      application/javascript; charset=UTF-8  H2        2a00:1450:4001:812::2008  https://www.googletagmanager.com/gtag/js?id=G-KCKJL9NRY7

Redirect chain for the primary request:
  • http://www.cs2e6d0a26.top/
  • https://www.cs2e6d0a26.top/
Redirect headers: Location: https://www.cs2e6d0a26.top/, Non-Authoritative-Reason: HttpsUpgrades
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
113135
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/
324 KB
109 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-255J96M2SG
Requested by
Host: www.cs2e6d0a26.top
URL: https://www.cs2e6d0a26.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e009a575652a30628b5bca768efb3156db43ae23751c56b7b8de24f270ced574
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cs2e6d0a26.top/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 09 Jan 2025 07:46:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 09 Jan 2025 07:46:55 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
111042
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/
328 KB
109 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3ZHR4YBDVK
Requested by
Host: www.cs2e6d0a26.top
URL: https://www.cs2e6d0a26.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1de985fe78133e278d1333428537ab69283f3b32a2ad7c64769cda5e00198a62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cs2e6d0a26.top/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 09 Jan 2025 07:46:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 09 Jan 2025 07:46:55 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
111547
x-xss-protection
0
server
Google Tag Manager
index.css
cidxig.claa39.top/images/
14 KB
3 KB
Stylesheet
General
Full URL
https://cidxig.claa39.top/images/index.css?v=6
Requested by
Host: p3m99f48be.top
URL: https://p3m99f48be.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:4e00:19:424:e5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f5bdd0428ce32712cd47c600a66a3d81772896d2e13d7cc5256bcdfa868733c1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
etag
W/"63f0d158-38c3"
age
16653
via
1.1 1f5c750c03b26301631398b45f61e262.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
SC4Bzqmx0xfX83epy4t4_fGW9mSYe-MlHaXYrSg97ILIAhm0PwWaJg==
date
Thu, 09 Jan 2025 03:09:22 GMT
content-type
text/css
last-modified
Sat, 18 Feb 2023 13:23:36 GMT
server
nginx
x-amz-cf-pop
FRA56-P11
vary
Accept-Encoding
clipboard-2.0.4.min.js
cidxig.claa39.top/images/
11 KB
4 KB
Script
General
Full URL
https://cidxig.claa39.top/images/clipboard-2.0.4.min.js
Requested by
Host: p3m99f48be.top
URL: https://p3m99f48be.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:4e00:19:424:e5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6d6949adf9cc8fb80d433d72d525033776b05fbf5bdaf2691cdd77ffce567108

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer

Response headers

content-encoding
gzip
etag
W/"63f0d158-2a02"
age
24978
via
1.1 1f5c750c03b26301631398b45f61e262.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
qIdpwKgkAffIwxb6zE6tan3gToHYvXU7ALdfm19Vw_Br5LpEd379hw==
date
Thu, 09 Jan 2025 01:42:32 GMT
content-type
application/javascript
last-modified
Sat, 18 Feb 2023 13:23:36 GMT
server
nginx
x-amz-cf-pop
FRA56-P11
vary
Accept-Encoding
jquery.3.4.1.min.js
cidxig.claa39.top/images/
86 KB
30 KB
Script
General
Full URL
https://cidxig.claa39.top/images/jquery.3.4.1.min.js
Requested by
Host: p3m99f48be.top
URL: https://p3m99f48be.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:4e00:19:424:e5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer

Response headers

content-encoding
gzip
etag
W/"63f0d158-15851"
age
10817
via
1.1 1f5c750c03b26301631398b45f61e262.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
kXnlp257WWF82PkyiVWTjcDvx5FeXk_wyPdbBb28hIu5RznIqtC3mg==
date
Thu, 09 Jan 2025 04:46:38 GMT
content-type
application/javascript
last-modified
Sat, 18 Feb 2023 13:23:36 GMT
server
nginx
x-amz-cf-pop
FRA56-P11
vary
Accept-Encoding
addtohomescreen.css
cidxig.claa39.top/images/
10 KB
6 KB
Stylesheet
General
Full URL
https://cidxig.claa39.top/images/addtohomescreen.css
Requested by
Host: p3m99f48be.top
URL: https://p3m99f48be.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:4e00:19:424:e5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2e3744c5a26dd057bbfbbf0d5c999cb01d696ba8aa07d79a81521601d2f357ec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
etag
W/"63f0d158-27ac"
age
10799
via
1.1 1f5c750c03b26301631398b45f61e262.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
IDRtElpZjICCqb_s82wx1H4Q3-lenWOiTLpJqFFCPpMn4QV2cI4ooQ==
date
Thu, 09 Jan 2025 04:46:56 GMT
content-type
text/css
last-modified
Sat, 18 Feb 2023 13:23:36 GMT
server
nginx
x-amz-cf-pop
FRA56-P11
vary
Accept-Encoding
addtohomescreen.js
cidxig.claa39.top/images/
33 KB
11 KB
Script
General
Full URL
https://cidxig.claa39.top/images/addtohomescreen.js
Requested by
Host: p3m99f48be.top
URL: https://p3m99f48be.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:4e00:19:424:e5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1cddc4483427888c8511824d09337409df5865b16c0504e0dccb66b85ce17dc2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer

Response headers

content-encoding
gzip
etag
W/"63f0d158-840b"
age
15019
via
1.1 1f5c750c03b26301631398b45f61e262.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
3vru-d34ZMui_d6F_wi_Vq-QdhziqH3GLQIHvjNvd2MrmefNeQyyXA==
date
Thu, 09 Jan 2025 03:36:36 GMT
content-type
application/javascript
last-modified
Sat, 18 Feb 2023 13:23:36 GMT
server
nginx
x-amz-cf-pop
FRA56-P11
vary
Accept-Encoding
close_icon.png
cidxig.claa39.top/images/
454 B
777 B
Image
General
Full URL
https://cidxig.claa39.top/images/close_icon.png
Requested by
Host: p3m99f48be.top
URL: https://p3m99f48be.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:4e00:19:424:e5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4d159ae591e44fd8cafe6f5c4e8c2bd1b1ea9887a524d5aec22b3847444072f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

etag
"63f0d158-1c6"
age
84732
via
1.1 1f5c750c03b26301631398b45f61e262.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
454
x-amz-cf-id
usrO9FNIsPjKF0qkd3ejziEGW25E29cqJbsp-_1-4D1joV6grS1GnQ==
date
Wed, 08 Jan 2025 08:14:43 GMT
content-type
image/png
last-modified
Sat, 18 Feb 2023 13:23:36 GMT
server
nginx
x-amz-cf-pop
FRA56-P11
logo-icon.png
cidxig.claa39.top/images/
7 KB
7 KB
Image
General
Full URL
https://cidxig.claa39.top/images/logo-icon.png
Requested by
Host: p3m99f48be.top
URL: https://p3m99f48be.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:4e00:19:424:e5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0f1aee0c6071bb412ee40eee39041712a3bc264d026555fd5cfc1d1756165abb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

etag
"63f0d158-1b81"
age
63257
via
1.1 1f5c750c03b26301631398b45f61e262.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
7041
x-amz-cf-id
8FylKMnn2wuol4UeLGOxdrQ-RLXWeABcG3CiTQuQ10_BtV72emOJYg==
date
Wed, 08 Jan 2025 14:12:38 GMT
content-type
image/png
last-modified
Sat, 18 Feb 2023 13:23:36 GMT
server
nginx
x-amz-cf-pop
FRA56-P11
vary
Accept-Encoding
phone2x.png
cidxig.claa39.top/images/
383 B
708 B
Image
General
Full URL
https://cidxig.claa39.top/images/phone2x.png
Requested by
Host: p3m99f48be.top
URL: https://p3m99f48be.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:4e00:19:424:e5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
80d2406c083fda095b337c6673a565fb6ab10969b740f967061d3f6a3b6d61f7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

etag
"63f0d158-17f"
age
84732
via
1.1 1f5c750c03b26301631398b45f61e262.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
383
x-amz-cf-id
9sxTn5yE61RcGSULyeAS45TMmgNkxBns_rwfyupddeXOhsdHZvoRfw==
date
Wed, 08 Jan 2025 08:14:43 GMT
content-type
image/png
last-modified
Sat, 18 Feb 2023 13:23:36 GMT
server
nginx
x-amz-cf-pop
FRA56-P11
phone-bg.png
cidxig.claa39.top/images/
272 KB
272 KB
Image
General
Full URL
https://cidxig.claa39.top/images/phone-bg.png
Requested by
Host: p3m99f48be.top
URL: https://p3m99f48be.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:4e00:19:424:e5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3b8698fe8727da2c64634b65dc8f69b5b792ce34bd5485c385ca75ab9380bab0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

etag
"63f0d158-43e99"
age
84732
via
1.1 1f5c750c03b26301631398b45f61e262.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
278169
x-amz-cf-id
n0yBDzLcKf4jMH2DCoJejBwGgifR3qiX0teMgqHq5Mqi6kqQAddsWw==
date
Wed, 08 Jan 2025 14:12:41 GMT
content-type
image/png
last-modified
Sat, 18 Feb 2023 13:23:36 GMT
server
nginx
x-amz-cf-pop
FRA56-P11
vary
Accept-Encoding
jiuban.png
cidxig.claa39.top/images/
18 KB
19 KB
Image
General
Full URL
https://cidxig.claa39.top/images/jiuban.png
Requested by
Host: p3m99f48be.top
URL: https://p3m99f48be.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:4e00:19:424:e5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5d82696d9752d4ddd2a0defb341453c0006e53a32225a733cac33912a9a5070a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

etag
"63f0d158-49e1"
age
63254
via
1.1 1f5c750c03b26301631398b45f61e262.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
18913
x-amz-cf-id
6DRm5fJ-23J0GxTZq5DjWRKpLjShX3kUz-HddZRsGz5NPmaQtN4nHA==
date
Wed, 08 Jan 2025 14:12:41 GMT
content-type
image/png
last-modified
Sat, 18 Feb 2023 13:23:36 GMT
server
nginx
x-amz-cf-pop
FRA56-P11
vary
Accept-Encoding
xinban.png
cidxig.claa39.top/images/
18 KB
18 KB
Image
General
Full URL
https://cidxig.claa39.top/images/xinban.png
Requested by
Host: p3m99f48be.top
URL: https://p3m99f48be.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:4e00:19:424:e5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d04b3581c098d5419730cd73ac9b936c4d6912fccbf03606fa8bfa28b106f7de

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

etag
"63f0d158-4631"
age
84732
via
1.1 1f5c750c03b26301631398b45f61e262.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
17969
x-amz-cf-id
v7QjgrfuxRWtLtftuBqvmtTc3fVCFBOPO3JrEMNcXq7k_bettsilUA==
date
Wed, 08 Jan 2025 13:00:15 GMT
content-type
image/png
last-modified
Sat, 18 Feb 2023 13:23:36 GMT
server
nginx
x-amz-cf-pop
FRA56-P11
vary
Accept-Encoding
tanhao.png
cidxig.claa39.top/images/
1 KB
1 KB
Image
General
Full URL
https://cidxig.claa39.top/images/tanhao.png
Requested by
Host: p3m99f48be.top
URL: https://p3m99f48be.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:4e00:19:424:e5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a54082e742d5af6acf7842753acfa0132b05996f55e61c3e9bd4508cd565b767

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

etag
"63f0d158-40b"
age
84732
via
1.1 1f5c750c03b26301631398b45f61e262.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
1035
x-amz-cf-id
-I67u3IztNz5A4wneJdcs0NkRYbvvghhoUnWPnQmKn9xPtS5ndPjNA==
date
Wed, 08 Jan 2025 14:12:42 GMT
content-type
image/png
last-modified
Sat, 18 Feb 2023 13:23:36 GMT
server
nginx
x-amz-cf-pop
FRA56-P11
vary
Accept-Encoding
url-icon.png
cidxig.claa39.top/images/
1 KB
1 KB
Image
General
Full URL
https://cidxig.claa39.top/images/url-icon.png
Requested by
Host: p3m99f48be.top
URL: https://p3m99f48be.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:4e00:19:424:e5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
841065ed4d50bc0bd4aad095b9b6cf0ad8dd62bcc01ae4ab4e326b4d7871b81f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

etag
"63f0d158-463"
age
84732
via
1.1 1f5c750c03b26301631398b45f61e262.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
1123
x-amz-cf-id
ZIgRSFYzkIfie-bjJeFTqXpCpeOM3ZZwzS_22xpitPwIHtN_okdG5w==
date
Wed, 08 Jan 2025 14:12:42 GMT
content-type
image/png
last-modified
Sat, 18 Feb 2023 13:23:36 GMT
server
nginx
x-amz-cf-pop
FRA56-P11
vary
Accept-Encoding
haiwai.png
cidxig.claa39.top/images/
2 KB
2 KB
Image
General
Full URL
https://cidxig.claa39.top/images/haiwai.png
Requested by
Host: p3m99f48be.top
URL: https://p3m99f48be.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:4e00:19:424:e5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d842f6dae28313c66d853ebb943e7de7e09404e88a4c7caecb4009f258c9e9a4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

etag
"63f0d158-654"
age
84732
via
1.1 1f5c750c03b26301631398b45f61e262.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
1620
x-amz-cf-id
k8cJEb0k4uiQZSp7dOSNkZi33OlONekKPphwc2FRELKmVcYISrQHoA==
date
Wed, 08 Jan 2025 14:12:42 GMT
content-type
image/png
last-modified
Sat, 18 Feb 2023 13:23:36 GMT
server
nginx
x-amz-cf-pop
FRA56-P11
vary
Accept-Encoding
bg3.png
cidxig.claa39.top/images/
1 MB
1 MB
Image
General
Full URL
https://cidxig.claa39.top/images/bg3.png
Requested by
Host: p3m99f48be.top
URL: https://p3m99f48be.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:4e00:19:424:e5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
8078f29589f6d516992c9a53666d72eb67f4ffc12f2773c632eac2ca36554208

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

etag
"63f0d158-1055f2"
age
84732
via
1.1 1f5c750c03b26301631398b45f61e262.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
1070578
x-amz-cf-id
LJuKVUSfCM7OUsh88Ghw7-qgSyJxZ-2e6TefuzxLe1OZCCp8WFNw1Q==
date
Wed, 08 Jan 2025 14:12:37 GMT
content-type
image/png
last-modified
Sat, 18 Feb 2023 13:23:36 GMT
server
nginx
x-amz-cf-pop
FRA56-P11
vary
Accept-Encoding
email-pc.png
cidxig.claa39.top/images/
18 KB
19 KB
Image
General
Full URL
https://cidxig.claa39.top/images/email-pc.png
Requested by
Host: p3m99f48be.top
URL: https://p3m99f48be.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:4e00:19:424:e5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
022099a3a8ead24dc28c35f0fec412b7569bd65f0d542e54f3716b1fe3394c75

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

etag
"664a6284-4941"
age
84732
via
1.1 1f5c750c03b26301631398b45f61e262.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
18753
x-amz-cf-id
WUOhqgvKr-F8eVS0v7Oh0Ab-CkzPiWm-PxmCydQ3JblIHufIyhlBHQ==
date
Wed, 08 Jan 2025 14:12:37 GMT
content-type
image/png
last-modified
Sun, 19 May 2024 20:35:16 GMT
server
nginx
x-amz-cf-pop
FRA56-P11
vary
Accept-Encoding
index.js
cidxig.claa39.top/images/
5 KB
2 KB
Script
General
Full URL
https://cidxig.claa39.top/images/index.js?v=6
Requested by
Host: p3m99f48be.top
URL: https://p3m99f48be.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:4e00:19:424:e5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
38bf2c24f65187a28e2f41d6828c49aa68ad553f0df1021865895fdb21cef5a4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer

Response headers

content-encoding
gzip
etag
W/"63f0d401-1571"
age
10817
via
1.1 1f5c750c03b26301631398b45f61e262.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
ZwXvaw_SLIGigEz7sfiVEA_qDUad-6f78tFf2hsf0VVGgMVXY8JxxA==
date
Thu, 09 Jan 2025 04:46:38 GMT
content-type
application/javascript
last-modified
Sat, 18 Feb 2023 13:34:57 GMT
server
nginx
x-amz-cf-pop
FRA56-P11
vary
Accept-Encoding
jc.png
cidxig.claa39.top/images/
38 KB
38 KB
Image
General
Full URL
https://cidxig.claa39.top/images/jc.png
Requested by
Host: cidxig.claa39.top
URL: https://cidxig.claa39.top/images/index.css?v=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:4e00:19:424:e5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
322e5ea660b142cc1960047242268fdd125c54fef6af3b9f2f5b714fb5dc7dea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://cidxig.claa39.top/images/index.css?v=6

Response headers

etag
"63f0d158-985b"
age
47416
via
1.1 1f5c750c03b26301631398b45f61e262.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
39003
x-amz-cf-id
PLuX8xCe3bWoz448FAZVGBiI8xzhSp0fWFJt7FdRI-1x5ECTYjwJzQ==
date
Wed, 08 Jan 2025 18:36:39 GMT
content-type
image/png
last-modified
Sat, 18 Feb 2023 13:23:36 GMT
server
nginx
x-amz-cf-pop
FRA56-P11
index.php
www.cs2e6d0a26.top/umeng/
281 B
1 KB
XHR
General
Full URL
https://www.cs2e6d0a26.top/umeng/index.php
Requested by
Host: cidxig.claa39.top
URL: https://cidxig.claa39.top/images/jquery.3.4.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d98a7b3958d45bfb7dc25f8a8d28b9c7bec4fe8a56e1c0ff37277ff4e229d5e

Request headers

Referer
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01

Response headers

content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ahCTgG6pd2dq3M89eVEOdplv%2FFtqU5N9hmG8QNo2mRyEhDwbS8dgeUrBC321PHPVMYB83pVqhr6ulBtczXIK9YxsitTfHvM9iDpMzW6tbDudbLPCrcJK5lQj%2B7Kr7AxY2DQNEzU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=15690&min_rtt=14969&rtt_var=1758&sent=21&recv=15&lost=0&retrans=0&sent_bytes=11823&recv_bytes=4991&delivery_rate=503788&cwnd=12000&unsent_bytes=0&cid=a8ab5960ac7d88fb&ts=789&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 09 Jan 2025 07:46:55 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding, Accept-Encoding
priority
u=0,i
access-control-allow-headers
*, DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
cache-control
public, no-cache, proxy-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
access-control-allow-credentials
true
cf-ray
8ff2d0f90ef566d8-AMS
access-control-allow-origin
*
server
cloudflare
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-255J96M2SG&gtm=45je5170v9120916595za200&_p=1736408815492&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1663309464.1736408816&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1736408815&sct=1&seg=0&dl=https%3A%2F%2Fwww.cs2e6d0a26.top%2F&dt=%E6%AC%A2%E8%BF%8E%E6%82%A8&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=880
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-255J96M2SG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.cs2e6d0a26.top
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 09 Jan 2025 07:46:55 GMT
content-type
text/plain
server
Golfe2
js
www.googletagmanager.com/gtag/
328 KB
109 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3ZHR4YBDVK&l=dataLayer&cx=c&gtm=45je5170v9120916595za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-255J96M2SG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
bcf2cda67cc39d14febe1fa90b01c3fde68611a06fe174645d8f5ab5f9da3665
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 09 Jan 2025 07:46:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 09 Jan 2025 07:46:55 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
111618
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/
303 KB
104 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-QTT9CLMQSW&l=dataLayer&cx=c&gtm=45je5170v9133240365za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KCKJL9NRY7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
9e932ce1201d2cbc6626b76d352cdec79979b2da3428d30039c90f8d4e36045a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 09 Jan 2025 07:46:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 09 Jan 2025 07:46:55 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
106254
x-xss-protection
0
server
Google Tag Manager
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-KCKJL9NRY7&gtm=45je5170v9133240365za200&_p=1736408815492&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1663309464.1736408816&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1736408815&sct=1&seg=0&dl=https%3A%2F%2Fwww.cs2e6d0a26.top%2F&dt=%E6%AC%A2%E8%BF%8E%E6%82%A8&en=page_view&_fv=1&_ss=1&_ee=1&tfd=894
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KCKJL9NRY7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.cs2e6d0a26.top
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 09 Jan 2025 07:46:55 GMT
content-type
text/plain
server
Golfe2
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-3ZHR4YBDVK&gtm=45je5170v9181601515za200zb9120916595&_p=1736408815492&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1663309464.1736408816&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1736408815&sct=1&seg=0&dl=https%3A%2F%2Fwww.cs2e6d0a26.top%2F&dt=%E6%AC%A2%E8%BF%8E%E6%82%A8&en=page_view&_fv=1&_ss=1&_ee=1&tfd=922
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3ZHR4YBDVK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.cs2e6d0a26.top
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 09 Jan 2025 07:46:55 GMT
content-type
text/plain
server
Golfe2
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-QTT9CLMQSW&gtm=45je5170v883799380z89133240365za200zb9133240365&_p=1736408815492&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1663309464.1736408816&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1736408816&sct=1&seg=0&dl=https%3A%2F%2Fwww.cs2e6d0a26.top%2F&dt=%E6%AC%A2%E8%BF%8E%E6%82%A8&en=page_view&_fv=1&_ss=1&tfd=1128
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QTT9CLMQSW&l=dataLayer&cx=c&gtm=45je5170v9133240365za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.cs2e6d0a26.top
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 09 Jan 2025 07:46:56 GMT
content-type
text/plain
server
Golfe2
favicon-32x32.png
cidxig.claa39.top/images/
2 KB
3 KB
Other
General
Full URL
https://cidxig.claa39.top/images/favicon-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.244.18.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-75.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
059f5df049b01b7337cad26f600b2c9db24f052909917875a1b4957d053d7999

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

etag
"63f0d158-933"
age
84731
via
1.1 1f5c750c03b26301631398b45f61e262.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
2355
x-amz-cf-id
0acPq_GK-4thavAusCYO19CKdXkJcyDyOpc0eoiD2sQXA8-M0PwvtQ==
date
Wed, 08 Jan 2025 08:14:45 GMT
content-type
image/png
last-modified
Sat, 18 Feb 2023 13:23:36 GMT
server
nginx
x-amz-cf-pop
FRA56-P11


20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| ABA
function| _ABA
function| _LOVE
string| _escape
function| atlpdp1
function| atlpdp2
object| OIO
object| _110
function| ClipboardJS
function| $
function| jQuery
function| addToHomescreen
function| isPC
function| isInDomains
function| gtag
object| dataLayer
object| google_tag_manager
object| google_tag_data
function| onYouTubeIframeAPIReady
object| gaGlobal

8 Cookies

Domain/Path Name / Value
p3m99f48be.top/ Name: a2640_lastpos
Value: other
p3m99f48be.top/ Name: a2640_lastvisit
Value: 0%091736408814%09%2Fdomainjs.php%3Ftype%3D1%26t%3D094
www.cs2e6d0a26.top/ Name: a2640_lastvisit
Value: 0%091736408815%09%2Fumeng%2Findex.php%3F
.cs2e6d0a26.top/ Name: _ga
Value: GA1.1.1663309464.1736408816
.cs2e6d0a26.top/ Name: _ga_255J96M2SG
Value: GS1.1.1736408815.1.0.1736408815.0.0.0
.cs2e6d0a26.top/ Name: _ga_KCKJL9NRY7
Value: GS1.1.1736408815.1.0.1736408815.0.0.0
.cs2e6d0a26.top/ Name: _ga_3ZHR4YBDVK
Value: GS1.1.1736408815.1.0.1736408815.0.0.0
.cs2e6d0a26.top/ Name: _ga_QTT9CLMQSW
Value: GS1.1.1736408816.1.0.1736408816.0.0.0

5 Console Messages

Source Level URL
Text
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cidxig.claa39.top/images/clipboard-2.0.4.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cidxig.claa39.top/images/clipboard-2.0.4.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cidxig.claa39.top/images/jquery.3.4.1.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cidxig.claa39.top/images/addtohomescreen.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cidxig.claa39.top/images/index.js?v=6, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
